Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

PrestaShop up to 1.7.6.7 Contact Form cross site scripting

A vulnerability, which was classified as problematic, has been found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). This issue affects some unknown functionality of the component Contact Form. Upgrading to version 1.7.6.8...
Auteur: VulDB

PrestaShop up to 1.7.6.7 Catalog Product Edition Page Parameter Blind sql injection

A vulnerability classified as critical was found in PrestaShop up to 1.7.6.7 (E-Commerce Management Software). This vulnerability affects an unknown functionality of the component Catalog Product Edition Page. Upgrading to version 1.7.6.8...
Auteur: VulDB

JerryScript 2.2.0 vm/opcodes.c privilege escalation

A vulnerability classified as critical has been found in JerryScript 2.2.0. This affects an unknown function of the file vm/opcodes.c. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

iSmartgate Pro 1.5.9 Clickjacking privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been rated as critical. Affected by this issue is some unknown processing. There is no information about possible countermeasures known. It may be suggested to replace the affected object...
Auteur: VulDB

iSmartgate Pro 1.5.9 File Upload privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been declared as critical. Affected by this vulnerability is an unknown code block of the component File Upload. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iSmartgate Pro 1.5.9 checkUserExpirationDate.php privilege escalation

A vulnerability was found in iSmartgate Pro 1.5.9. It has been classified as critical. Affected is an unknown code of the file /cron/checkUserExpirationDate.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability was found in iSmartgate Pro 1.5.9 and classified as problematic. This issue affects an unknown part of the file /index.php. There is no information about possible countermeasures known. It may be suggested to replace the affected...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability has been found in iSmartgate Pro 1.5.9 and classified as problematic. This vulnerability affects some unknown functionality of the file /index.php. There is no information about possible countermeasures known. It may be suggested...
Auteur: VulDB

iSmartgate Pro 1.5.9 checkExpirationDate.php PHP Code Execution privilege escalation

A vulnerability, which was classified as critical, was found in iSmartgate Pro 1.5.9. This affects an unknown functionality of the file /cron/checkExpirationDate.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iSmartgate Pro 1.5.9 /cron/mailAdmin.php PHP Code Execution privilege escalation

A vulnerability, which was classified as critical, has been found in iSmartgate Pro 1.5.9. Affected by this issue is an unknown function of the file /cron/mailAdmin.php. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

iSmartgate Pro 1.5.9 File Upload privilege escalation

A vulnerability classified as critical was found in iSmartgate Pro 1.5.9. Affected by this vulnerability is some unknown processing of the component File Upload. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Fortinet FortiTester up to 3.8.x cross site scripting [CVE-2020-12815]

A vulnerability classified as problematic has been found in Fortinet FortiTester up to 3.8.x. Affected is an unknown code block. Upgrading to version 3.9.0 eliminates this vulnerability.
Auteur: VulDB

Fortinet FortiManager/FortiAnalyzer cross site scripting [CVE-2020-12811]

A vulnerability was found in Fortinet FortiManager and FortiAnalyzer (unknown version). It has been rated as problematic. This issue affects an unknown code. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php busca cross site request forgery

A vulnerability was found in iSmartgate Pro 1.5.9. It has been declared as problematic. This vulnerability affects an unknown part of the file /index.php. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

iSmartgate Pro 1.5.9 /index.php cross site request forgery

A vulnerability was found in iSmartgate Pro 1.5.9. It has been classified as problematic. This affects some unknown functionality of the file /index.php. There is no information about possible countermeasures known. It may be suggested to replace...
Auteur: VulDB

AVEVA eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053 SOAP FavoritesService.asmx HTTP Request sql injection

A vulnerability was found in AVEVA eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053 and classified as critical. Affected by this issue is an unknown functionality of the file FavoritesService.asmx of the component SOAP Handler. There is no...
Auteur: VulDB

Check Point Security Management CA Web Management privilege escalation

A vulnerability has been found in Check Point Security Management (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown function of the component CA Web Management. Upgrading eliminates this...
Auteur: VulDB

Linux Kernel up to 5.8.1 NFC Socket net/nfc/rawsock.c privilege escalation

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.8.1 (Operating System). Affected is some unknown processing of the file net/nfc/rawsock.c of the component NFC Socket Handler. Upgrading to version 5.8.2...
Auteur: VulDB

Gemtek WRTM-127ACN/WRTM-127x9 Monitor Diagnostic Network Page privilege escalation

A vulnerability, which was classified as critical, has been found in Gemtek WRTM-127ACN and WRTM-127x9 (unknown version). This issue affects an unknown code block of the component Monitor Diagnostic Network Page. There is no information about...
Auteur: VulDB

Untis WebUntis up to 2020.9.5 cross site scripting [CVE-2020-22453]

A vulnerability classified as problematic was found in Untis WebUntis up to 2020.9.5. This vulnerability affects an unknown code. Upgrading to version 2020.9.6 eliminates this vulnerability.
Auteur: VulDB

Telmat AccessLog up to 6.0 Administration Panel Code Injection privilege escalation

A vulnerability classified as very critical has been found in Telmat AccessLog up to 6.0. This affects an unknown part of the component Administration Panel. There is no information about possible countermeasures known. It may be suggested to...
Auteur: VulDB

Telmat AccessLog up to 6.0 Login Page Code Injection privilege escalation

A vulnerability was found in Telmat AccessLog up to 6.0. It has been rated as very critical. Affected by this issue is some unknown functionality of the component Login Page. There is no information about possible countermeasures known. It may be...
Auteur: VulDB

Liferay Portal URL Encoding privilege escalation [CVE-2020-15840]

A vulnerability was found in Liferay Portal, Liferay Portal EE and Liferay Portal DXP (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component URL Encoding Handler....
Auteur: VulDB

AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx psAttribute sql injection

A vulnerability was found in AVEVA eDNA Enterprise Data Historian (version unknown). It has been classified as critical. Affected is an unknown function of the file ednareporting.asmx of the component SOAP Handler. There is no information about...
Auteur: VulDB

AVEVA eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053 Web Service Alias.asmx AliasName sql injection

A vulnerability was found in AVEVA eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053 and classified as critical. This issue affects some unknown processing of the file Alias.asmx of the component Web Service. There is no information about...
Auteur: VulDB
12345678910Last

Événements SSI